Norton Symantec Logo

Symantec was notified of a critical issue in the AVE scan engine when parsing incoming malformed portable-executable (PE) header files.

Such malformed PE files can be received through incoming email, downloading of a document or application, or by visiting a malicious web site. No user interaction is required to trigger the parsing of the malformed file.

Sufficiently malformed, the code executed at the kernel-level with system/root privileges causing a memory access violation.

The most common symptom of successful exploitation resulted in an immediate system crash.

The CVSS2 score for this vulnerability is 9.4.

Symantec product engineers have addressed this in the latest AVE update, version 20151.1.1.4 release effective 5/16/2016 delivered to customers via LiveUpdate along with the usual definition and signature updates